Privacy Code of Conduct on mhealth apps the role of soft-law in enhancing trust ehealth Week 2016

Size: px
Start display at page:

Download "Privacy Code of Conduct on mhealth apps the role of soft-law in enhancing trust ehealth Week 2016"

Transcription

1 Privacy Code of Conduct on mhealth apps the role of soft-law in enhancing trust ehealth Week 2016 Pēteris Zilgalvis, J.D., Head of Unit for Health and Well-Being, DG CONNECT

2 Table of Contents 1. Context and scope 2. Objectives and process 3. Structure 4. Content

3 Context and scope Green Paper on mhealth (2014): Public consultation identified importance of strong privacy and security tools to increase trust in mhealth apps; Agreement to work on a Code of Conduct on mhealth apps at stakeholder meeting in March 2015 Legal basis in Article 27 of the Data Protection Directive (Article 40 of the GDPR); Code of Conduct as a voluntary instrument; Scope: covering data protection principles to be followed in the development of mhealth apps (apps processing health data);

4 Objectives and process Objectives: Raising awareness and facilitating compliance with data protection rules at EU level; Increased trust by citizens; Competitive advantage. Parties involved: drafting team made up of industry members; the EC facilitating and coordinating the process; external editor to assist the drafting; Current state of play: Draft Code is finalised and was submitted to the Article 29 Working Party for their review on 7 June 2016

5 Overview of the process Drafting the Code Wider distribution to stakeholders Submission of the Code to the 29WP Receiving and processing feedback Final approval by 29WP Application in practice

6 Content of the Code of Conduct About the Code of Conduct: Introduction Objective Scope: mobile apps which process personal data, including health data Governance Practical Guidelines for app developers Annex I Data Protection Impact Assessment (template) Annex II Privacy policy (sample)

7 Practical Guidelines I User's consent: free, specific and informed (explicit consent for health data); Main principles: Purpose limitation, data minimisation, Privacy by design and Privacy by default; Information requirements: name and contact of the developer, purpose of processing, categories of data; Retention of the data: not longer than necessary; Security measures: technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, disclosure, access etc.;

8 Practical Guidelines II Use of advertisement in apps: context-related ads Optout, personalised ads Opt-in; Secondary use of the data: compatible with the original purpose, otherwise new consent needed; Disclosure to third parties for processing operations: information of the user, binding legal agreement; Transfer to third countries: based on legal guarantees (such as adequacy decisions, European Commission Model Contracts); Personal data breaches: checklist, notification duty;

9 Governance structure General Assembly representatives of app developers, the data protection community, industry associations and end-users; consultative organ; ensuring financial stability; Governance board appointed by the General Assembly; decision making powers; maintenance, interpretation and evolution of the Code; Monitoring body monitoring compliance and enforcement of the Code; in accordance with the requirements of the GDPR (expertise, independence);

10 Thank

How the European Commission is supporting innovation in mobile health technologies Nordic Mobile Healthcare Technology Congress 2015

How the European Commission is supporting innovation in mobile health technologies Nordic Mobile Healthcare Technology Congress 2015 How the European Commission is supporting innovation in mobile health technologies Nordic Mobile Healthcare Technology Congress 2015 Claudia Prettner, Unit for Health and Well-Being, DG CONNECT Table of

More information

BHBIA New Data Protection Rules. Pharma Company Perspective. Guy Murray Director, Market Research & Analytics, GC&BI MR Operations and Compliance, MSD

BHBIA New Data Protection Rules. Pharma Company Perspective. Guy Murray Director, Market Research & Analytics, GC&BI MR Operations and Compliance, MSD BHBIA New Data Protection Rules Pharma Company Perspective Guy Murray Director, Market Research & Analytics, GC&BI MR Operations and Compliance, MSD Pharma Company Perspective Data Controllers Responsibilities

More information

Borderless ehealth in support of healthy citizens in Europe

Borderless ehealth in support of healthy citizens in Europe Borderless ehealth in support of healthy citizens in Europe Pēteris Zilgalvis, J.D. Head of Unit, ICT for Health DG Information Society and Media EHTEL 2011 Symposium Seamless Integration for Personal

More information

General Data Protection Regulation (GDPR) The impact of doing business in Asia

General Data Protection Regulation (GDPR) The impact of doing business in Asia SESSION ID: GPS-R09 General Data Protection Regulation (GDPR) The impact of doing business in Asia Ilias Chantzos Senior Director EMEA & APJ Government Affairs Symantec Corporation @ichantzos Typical Customer

More information

USER CORPORATE RULES. These User Corporate Rules are available to Users at any time via a link accessible in the applicable Service Privacy Policy.

USER CORPORATE RULES. These User Corporate Rules are available to Users at any time via a link accessible in the applicable Service Privacy Policy. These User Corporate Rules are available to Users at any time via a link accessible in the applicable Service Privacy Policy. I. OBJECTIVE ebay s goal is to apply uniform, adequate and global data protection

More information

EU draft mhealth app assessment guidelines: Open Stakeholder Meeting 9 th June. Andrew Ruck & Charles Lowe

EU draft mhealth app assessment guidelines: Open Stakeholder Meeting 9 th June. Andrew Ruck & Charles Lowe EU draft mhealth app assessment guidelines: Open Stakeholder Meeting 9 th June Andrew Ruck & Charles Lowe Purpose of this presentation To update stakeholders on the development of the voluntary EU guidelines

More information

Plan a Pragmatic Approach to the new EU Data Privacy Regulation

Plan a Pragmatic Approach to the new EU Data Privacy Regulation AmChamDenmark event: EU Compliant & Cyber Resistant Plan a Pragmatic Approach to the new EU Data Privacy Regulation Janus Friis Bindslev, Partner Cyber Risk Services, Deloitte 4 February 2016 Agenda General

More information

PS Mailing Services Ltd Data Protection Policy May 2018

PS Mailing Services Ltd Data Protection Policy May 2018 PS Mailing Services Ltd Data Protection Policy May 2018 PS Mailing Services Limited is a registered data controller: ICO registration no. Z9106387 (www.ico.org.uk 1. Introduction 1.1. Background We collect

More information

Changing times in Swiss Data Privacy: new opportunities? Microsoft Security Day 27 April 2017 Clara-Ann Gordon

Changing times in Swiss Data Privacy: new opportunities? Microsoft Security Day 27 April 2017 Clara-Ann Gordon Changing times in Swiss Data Privacy: new opportunities? Clara-Ann Gordon Which countries have Data Protection Laws? Source: https://www.taylorwessing.com/globaldatahub/risk_map.html Page 2 Different Data

More information

You will see lots of references in the Checklist to the GDPR Pack if you would like to purchase this, go to

You will see lots of references in the Checklist to the GDPR Pack if you would like to purchase this, go to Suzanne Dibble 2018. Copyright in this document belongs to Suzanne Dibble. You may not copy or use it for any purpose unless you have purchased this template document from Suzanne Dibble. You may not allow

More information

Cisco Spark and GDPR. Thomas Flambeaux. Collaboration Consulting Solution Engineer, Security and Compliance. Cisco Connect 2018 Copenhagen April 12th

Cisco Spark and GDPR. Thomas Flambeaux. Collaboration Consulting Solution Engineer, Security and Compliance. Cisco Connect 2018 Copenhagen April 12th Cisco Spark and GDPR Thomas Flambeaux Collaboration Consulting Solution Engineer, Security and Compliance Cisco Connect 2018 Copenhagen April 12th 2015 Cisco and/or its affiliates. All rights reserved.

More information

Data Processing Agreement

Data Processing Agreement In accordance with the European Parliament- and Council s Directive (EU) 2016/679 of 27th April 2016 (hereinafter GDPR) on the protection of physical persons in connection with the processing of personal

More information

GDPR - Are you ready?

GDPR - Are you ready? GDPR - Are you ready? Anne-Marie Bohan and Michael Finn 24 March 2018 Matheson Ranked Ireland s Most Innovative Law Firm Financial Times 2017 International Firm in the Americas International Tax Review

More information

This Policy has been prepared with due regard to the General Data Protection Regulation (EU Regulation 2016/679) ( GDPR ).

This Policy has been prepared with due regard to the General Data Protection Regulation (EU Regulation 2016/679) ( GDPR ). PRIVACY POLICY Data Protection Policy 1. Introduction This Data Protection Policy (this Policy ) sets out how Brital Foods Limited ( we, us, our ) handle the Personal Data we Process in the course of our

More information

EU GDPR & ISO Integrated Documentation Toolkit https://advisera.com/eugdpracademy/eu-gdpr-iso integrated-documentation-toolkit

EU GDPR & ISO Integrated Documentation Toolkit https://advisera.com/eugdpracademy/eu-gdpr-iso integrated-documentation-toolkit EU GDPR & https://advisera.com/eugdpracademy/eu-gdpr-iso-27001-integrated-documentation-toolkit Note: The documentation should preferably be implemented in the order in which it is listed here. The order

More information

Do you handle EU residents personal data? The GDPR update is coming May 25, Are you ready?

Do you handle EU residents personal data? The GDPR update is coming May 25, Are you ready? European Union (EU) General Data Protection Regulation (GDPR) Do you handle EU residents personal data? The GDPR update is coming May 25, 2018. Are you ready? What do you need to do? Governance and Accountability

More information

Motorola Mobility Binding Corporate Rules (BCRs)

Motorola Mobility Binding Corporate Rules (BCRs) Motorola Mobility Binding Corporate Rules (BCRs) Introduction These Binding Privacy Rules ( Rules ) explain how the Motorola Mobility group ( Motorola Mobility ) respects the privacy rights of its customers,

More information

COMPUTAMATRIX LIMITED T/A MATRICA Data Protection Policy September Table of Contents. 1. Scope, Purpose and Application to Employees 2

COMPUTAMATRIX LIMITED T/A MATRICA Data Protection Policy September Table of Contents. 1. Scope, Purpose and Application to Employees 2 COMPUTAMATRIX LIMITED T/A MATRICA Data Protection Policy September 2018 Table of Contents 1. Scope, Purpose and Application to Employees 2 2. Reference Documents 2 3. Definitions 3 4. Data Protection Principles

More information

Privacy Policy. You may exercise your rights by sending a registered mail to the Privacy Data Controller.

Privacy Policy. You may exercise your rights by sending a registered mail to the Privacy Data Controller. Privacy Policy Revision date: April, 26th 2018 Privacy and security of personal data are of utmost importance to epresspack and we strive to ensure that our technical and organisational measures we have

More information

ACCOUNTING TECHNICIANS IRELAND DATA PROTECTION POLICY GENERAL DATA PROTECTION REGULATION

ACCOUNTING TECHNICIANS IRELAND DATA PROTECTION POLICY GENERAL DATA PROTECTION REGULATION ACCOUNTING TECHNICIANS IRELAND DATA PROTECTION POLICY GENERAL DATA PROTECTION REGULATION Document Control Owner: Distribution List: Data Protection Officer Relevant individuals who access, use, store or

More information

The Role of the Data Protection Officer

The Role of the Data Protection Officer The Role of the Data Protection Officer Adrian Ross LLB (Hons), MBA GRC Consultant IT Governance Ltd 28 July 2016 www.itgovernance.co.uk Introduction Adrian Ross GRC consultant Infrastructure services

More information

FAQ about the General Data Protection Regulation (GDPR)

FAQ about the General Data Protection Regulation (GDPR) FAQ about the General Data Protection Regulation (GDPR) 1. When does the GDPR come into force? The GDPR was promulgated 25 May 2016 and comes into effect 25 May 2018. 2. Is there a transition period? We

More information

Data Protection Policy

Data Protection Policy Data Protection Policy Data Protection Policy Version 3.00 May 2018 For more information, please contact: Technical Team T: 01903 228100 / 01903 550242 E: info@24x.com Page 1 The Data Protection Law...

More information

Data Protection. Code of Conduct for Cloud Infrastructure Service Providers

Data Protection. Code of Conduct for Cloud Infrastructure Service Providers Data Protection Code of Conduct for Cloud Infrastructure Service Providers 27 JANUARY 2017 Introduction... 3 1 Structure of the Code... 5 2 Purpose... 6 3 Scope... 7 4 Data Protection Requirements... 9

More information

Islam21c.com Data Protection and Privacy Policy

Islam21c.com Data Protection and Privacy Policy Islam21c.com Data Protection and Privacy Policy Purpose of this policy The purpose of this policy is to communicate to staff, volunteers, donors, non-donors, supporters and clients of Islam21c the approach

More information

CommuniGator. Your GDPR. Compliance Checklist

CommuniGator. Your GDPR. Compliance Checklist CommuniGator Your GDPR Compliance Checklist The impact of the EU GDPR on your business As of April 2016, the EU General Data Protection Regulation was adopted but it does not come into force until 25th

More information

SHELTERMANAGER LTD CUSTOMER DATA PROCESSING AGREEMENT

SHELTERMANAGER LTD CUSTOMER DATA PROCESSING AGREEMENT SHELTERMANAGER LTD CUSTOMER DATA PROCESSING AGREEMENT AGREEMENT DATED [ ] BETWEEN: (1) SHELTERMANAGER LTD and (2) [ ] ( The Customer ) BACKGROUND (A) (B) (C) This Agreement is to ensure there is in place

More information

Report of the Working Group on mhealth Assessment Guidelines February 2016 March 2017

Report of the Working Group on mhealth Assessment Guidelines February 2016 March 2017 Report of the Working Group on mhealth Assessment Guidelines February 2016 March 2017 1 1 INTRODUCTION 3 2 SUMMARY OF THE PROCESS 3 2.1 WORKING GROUP ACTIVITIES 3 2.2 STAKEHOLDER CONSULTATIONS 5 3 STAKEHOLDERS'

More information

Exploring the European Commission s Network and Information Security Directive (NIS) What every CISO should know

Exploring the European Commission s Network and Information Security Directive (NIS) What every CISO should know Exploring the European Commission s Network and Information Security Directive (NIS) What every CISO should know Aristotelis Tzafalias Programme Officer, Trust and Security DG Communications Networks,

More information

TIA. Privacy Policy and Cookie Policy 5/25/18

TIA. Privacy Policy and Cookie Policy 5/25/18 TIA Privacy Policy and Cookie Policy 5/25/18 Background: TIA understands that your privacy is important to you and that you care about how your information is used and shared online. We respect and value

More information

Managing Privacy Risk & Compliance in Financial Services. Brett Hamilton Advisory Solutions Consultant ServiceNow

Managing Privacy Risk & Compliance in Financial Services. Brett Hamilton Advisory Solutions Consultant ServiceNow Managing Privacy Risk & Compliance in Financial Services Brett Hamilton Advisory Solutions Consultant ServiceNow 1 Speaker Introduction INSERT PHOTO Name: Brett Hamilton Title: Advisory Solutions Consultant

More information

ARTICLE 29 DATA PROTECTION WORKING PARTY

ARTICLE 29 DATA PROTECTION WORKING PARTY ARTICLE 29 DATA PROTECTION WORKING PARTY 18/EN WP261 Article 29 Working Party Draft Guidelines on the accreditation of certification bodies under Regulation (EU) 2016/679 Adopted on 6 february 2018 1 THE

More information

ehealth in Europe: at the convergence of technology, medicine, law and society

ehealth in Europe: at the convergence of technology, medicine, law and society ehealth in Europe: at the convergence of technology, medicine, law and society Pēteris Zilgalvis, J.D. Head of Unit, ICT for Health DG Information Society and Media, European Commission IPTS Spring Meeting,

More information

Google Cloud & the General Data Protection Regulation (GDPR)

Google Cloud & the General Data Protection Regulation (GDPR) Google Cloud & the General Data Protection Regulation (GDPR) INTRODUCTION General Data Protection Regulation (GDPR) On 25 May 2018, the most significant piece of European data protection legislation to

More information

THE NEW EU DATA PROTECTION REGULATION: WHAT IS IT AND WHAT DO WE NEED TO DO? KALLIOPI SPYRIDAKI CHIEF PRIVACY STRATEGIST, EUROPE

THE NEW EU DATA PROTECTION REGULATION: WHAT IS IT AND WHAT DO WE NEED TO DO? KALLIOPI SPYRIDAKI CHIEF PRIVACY STRATEGIST, EUROPE THE NEW EU DATA PROTECTION REGULATION: WHAT IS IT AND WHAT DO WE NEED TO DO? KALLIOPI SPYRIDAKI CHIEF PRIVACY STRATEGIST, EUROPE EU DATA PROTECTION REGULATION Kalliopi Spyridaki Chief Privacy Strategist,

More information

"PPS" is Private Practice Software as developed and produced by Rushcliff Ltd.

PPS is Private Practice Software as developed and produced by Rushcliff Ltd. Rushcliff Ltd Data Processing Agreement This Data Processing Agreement ( DPA ) forms part of the main terms of use of PPS, PPS Express, PPS Online booking, any other Rushcliff products or services and

More information

PREPARING FOR THE GDPR AT THE UNIVERSITY OF HELSINKI

PREPARING FOR THE GDPR AT THE UNIVERSITY OF HELSINKI PREPARING FOR THE GDPR AT THE UNIVERSITY OF HELSINKI Jarkko Reittu Data Protection Officer and Legal Counsel University of Helsinki, Administrative Services jarkko.reittu@helsinki.fi 1 MY BACKGROUND JARKKO

More information

Introductory guide to data sharing. lewissilkin.com

Introductory guide to data sharing. lewissilkin.com Introductory guide to data sharing lewissilkin.com Executive Summary Most organisations carry out some form of data sharing, whether it be data sharing between organisations within the group or with external

More information

INTERMEDIATE EVALUATION

INTERMEDIATE EVALUATION EHEALTH ACTION PLAN 2012-2020 INTERMEDIATE EVALUATION ehealth Network meeting 7 June 2016, Amsterdam Paul Timmers Director - Digital Society, Trust and Security DG CONNECT EHEALTH ACTION PLAN 2012 2020

More information

Directive on security of network and information systems (NIS): State of Play

Directive on security of network and information systems (NIS): State of Play Directive on security of network and information systems (NIS): State of Play Svetlana Schuster Unit H1 Cybersecurity and Digital Privacy DG Communications Networks, Content and Technology, European Commission

More information

General Data Protection Regulation April 3, Sarah Ackerman, Managing Director Ross Patz, Consultant

General Data Protection Regulation April 3, Sarah Ackerman, Managing Director Ross Patz, Consultant General Data Protection Regulation April 3, 2018 Sarah Ackerman, Managing Director Ross Patz, Consultant Introductions Sarah Ackerman, CISSP, CISA Managing Director, Cincinnati Responsible for overall

More information

NEWSFLASH GDPR N 8 - New Data Protection Obligations

NEWSFLASH GDPR N 8 - New Data Protection Obligations GDPR N 8 May 2017 NEWSFLASH GDPR N 8 - New Data Protection Obligations Following the adoption of the new EU General Data Protection Regulation (GDPR) on 27 April 2016, most organisations began to re-examine

More information

THE NEW GENERAL DATA PROTECTION REGULATION IMPLICATIONS FOR ENTERPRISES. Forum financier du Brabant wallon

THE NEW GENERAL DATA PROTECTION REGULATION IMPLICATIONS FOR ENTERPRISES. Forum financier du Brabant wallon THE NEW GENERAL DATA PROTECTION REGULATION IMPLICATIONS FOR ENTERPRISES Forum financier du Brabant wallon 14.12.2017 Data Protection should be part of every company s or organisation s DNA Do you process

More information

DATA PROCESSING AGREEMENT

DATA PROCESSING AGREEMENT DATA PROCESSING AGREEMENT This Data Processing Agreement ( DPA ) is entered into between: A. The company stated in the Subscription Agreement (as defined below) ( Data Controller ) and B. Umbraco A/S Haubergsvej

More information

Data Privacy Statement for myportal to go

Data Privacy Statement for myportal to go Data Privacy Statement for myportal to go Contents 1. Scope... 2 2. Data Handled by Unify Through myportal to go... 2 3. Disclosure of Your Personal Data... 3 4. Accessing, Correcting and Deleting Your

More information

General Data Protection Regulation (GDPR) NEW RULES

General Data Protection Regulation (GDPR) NEW RULES General Data Protection Regulation (GDPR) NEW RULES AGENDA A. GDPR : general overview B. Sectorial topics and concerns GDPR GENERAL OVERVIEW 1. GDPR : WHAT IS IT AND WHY CARE? 27 April 2016 : Approval

More information

General Data Protection Regulation (GDPR) Key Facts & FAQ s

General Data Protection Regulation (GDPR) Key Facts & FAQ s General Data Protection Regulation (GDPR) Key Facts & FAQ s GDPR comes into force on 25 May 2018 GDPR replaces the Data Protection Act 1998. The main principles are much the same as those in the current

More information

Data Protection and GDPR

Data Protection and GDPR Data Protection and GDPR At DPDgroup UK Ltd (DPD & DPD Local) we take data protection seriously and have updated all our relevant policies and documents to ensure we meet the requirements of GDPR. We have

More information

The isalon GDPR Guide Helping you understand and prepare for the legislation

The isalon GDPR Guide Helping you understand and prepare for the legislation The isalon GDPR Guide Helping you understand and prepare for the legislation 01522 887200 isalonsoftware.co.uk Read our guide today to help you plan for the new legislation.. The General Data Protection

More information

DATA PROTECTION POLICY THE HOLST GROUP

DATA PROTECTION POLICY THE HOLST GROUP DATA PROTECTION POLICY THE HOLST GROUP INTRODUCTION The purpose of this document is to provide a concise policy regarding the data protection obligations of The Holst Group. The Holst Group is a data controller

More information

In this Policy the following terms shall have the following meanings:

In this Policy the following terms shall have the following meanings: NJR TRADING LTD understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of everyone who visits this website, https://bar-tonic.

More information

Eco Web Hosting Security and Data Processing Agreement

Eco Web Hosting Security and Data Processing Agreement 1 of 7 24-May-18, 11:50 AM Eco Web Hosting Security and Data Processing Agreement Updated 19th May 2018 1. Introduction 1.1 The customer agreeing to these terms ( The Customer ), and Eco Web Hosting, have

More information

Kohelet Policy Forum R.A. Site Legal Terms. What personal data we collect and why we collect it. Comments. Media. Contact forms and newsletter

Kohelet Policy Forum R.A. Site Legal Terms. What personal data we collect and why we collect it. Comments. Media. Contact forms and newsletter Kohelet Policy Forum R.A. Site Legal Terms Our address: 8 Am Ve'loamo Street Jerusalem office@kohelet.org.il www.kohelet.org.il What personal data we collect and why we collect it We collect anonymous

More information

ADMA Briefing Summary March

ADMA Briefing Summary March ADMA Briefing Summary March 2013 www.adma.com.au Privacy issues are being reviewed globally. In most cases, technological changes are driving the demand for reforms and Australia is no exception. From

More information

Contributed by Djingov, Gouginski, Kyutchukov & Velichkov

Contributed by Djingov, Gouginski, Kyutchukov & Velichkov Contributed by Djingov, Gouginski, Kyutchukov & Velichkov General I Data Protection Laws National Legislation General data protection laws The Personal Data Protection Act implemented the Data Protection

More information

GDPR: A QUICK OVERVIEW

GDPR: A QUICK OVERVIEW GDPR: A QUICK OVERVIEW 2018 Get ready now. 29 June 2017 Presenters Charles Barley Director, Risk Advisory Services Charles Barley, Jr. is responsible for the delivery of governance, risk and compliance

More information

NOTICE OF PERSONAL DATA PROCESSING

NOTICE OF PERSONAL DATA PROCESSING Last modified: May 22, 2018 NOTICE OF PERSONAL DATA PROCESSING InVue Security Products Inc. ( InVue, "Corporation" Company, Our, and We") respects your privacy and is committed to protecting your privacy

More information

General Data Protection Regulation Frequently Asked Questions (FAQ) General Questions

General Data Protection Regulation Frequently Asked Questions (FAQ) General Questions General Data Protection Regulation Frequently Asked Questions (FAQ) This document addresses some of the frequently asked questions regarding the General Data Protection Regulation (GDPR), which goes into

More information

DEPARTMENT OF JUSTICE AND EQUALITY. Data Protection Policy

DEPARTMENT OF JUSTICE AND EQUALITY. Data Protection Policy DEPARTMENT OF JUSTICE AND EQUALITY Data Protection Policy May 2018 Contents Page 1. Introduction 3 2. Scope 3 3. Data Protection Principles 4 4. GDPR - Rights of data subjects 6 5. Responsibilities of

More information

CTI BioPharma Privacy Notice

CTI BioPharma Privacy Notice CTI BioPharma Privacy Notice Effective: 29 November 2018 Introduction and Scope CTI BioPharma Corp. ( CTI, our, us ) takes the protection of your personal data very seriously. This Privacy Notice (this

More information

GDPR AMC SAAS AND HOSTED MODULES. UK version. AMC Consult A/S June 26, 2018 Version 1.10

GDPR AMC SAAS AND HOSTED MODULES. UK version. AMC Consult A/S June 26, 2018 Version 1.10 GDPR AMC SAAS AND HOSTED MODULES UK version AMC Consult A/S June 26, 2018 Version 1.10 INDEX 1 Signatures...3 2 General...4 3 Definitions...5 4 Scoping...6 4.1 In scope...6 5 Responsibilities of the data

More information

Data Protection System of Georgia. Nina Sarishvili Head of International Relations Department

Data Protection System of Georgia. Nina Sarishvili Head of International Relations Department Data Protection System of Georgia Nina Sarishvili Head of International Relations Department 14/12/2016 Legal Framework INTERNATIONAL INSTRUMENTS CoE 108 Convention AP on Supervisory Authorities and Trans-

More information

Data Processing Agreement for Oracle Cloud Services

Data Processing Agreement for Oracle Cloud Services Data Processing Agreement for Oracle Cloud Services Version January 12, 2018 1. Scope, Order of Precedence and Term 1.1 This data processing agreement (the Data Processing Agreement ) applies to Oracle

More information

2. Who we collect information (data) from & why we collect it

2. Who we collect information (data) from & why we collect it 1. Introduction Our Privacy Policy applies to the personal data that Ambrey collects and uses. References in this Privacy Policy to Ambrey, we, us or our mean Ambrey Limited and the Ambrey Group of companies:

More information

Controlled Document Page 1 of 6. Effective Date: 6/19/13. Approved by: CAB/F. Approved on: 6/19/13. Version Supersedes:

Controlled Document Page 1 of 6. Effective Date: 6/19/13. Approved by: CAB/F. Approved on: 6/19/13. Version Supersedes: Page 1 of 6 I. Common Principles and Approaches to Privacy A. A Modern History of Privacy a. Descriptions, definitions and classes b. Historical and social origins B. Types of Information a. Personal information

More information

EU GDPR and . The complete text of the EU GDPR can be found at What is GDPR?

EU GDPR and  . The complete text of the EU GDPR can be found at  What is GDPR? EU GDPR and Email The EU General Data Protection Regulation (GDPR) is the new legal framework governing the use of the personal data of European Union (EU) citizens across all EU markets. It replaces existing

More information

Core Elements of HIPAA The Privacy Rule establishes individuals privacy rights and addresses the use and disclosure of protected health information ( PHI ) by covered entities and business associates The

More information

EY s data privacy service offering

EY s data privacy service offering EY s data privacy service offering How to transform your data privacy capabilities for an EU General Data Protection Regulation (GDPR) world Introduction Data privacy encompasses the rights and obligations

More information

Accelerate GDPR compliance with the Microsoft Cloud

Accelerate GDPR compliance with the Microsoft Cloud Regional Forum on Cybersecurity in the Era of Emerging Technologies & the Second Meeting of the Successful Administrative Practices -2017 Cairo, Egypt 28-29 November 2017 Accelerate GDPR compliance with

More information

Site Builder Privacy and Data Protection Policy

Site Builder Privacy and Data Protection Policy Site Builder Privacy and Data Protection Policy This policy applies to the work of the Third Age Trust s Site Builder Team. The policy sets out the approach of the Team in managing personal information

More information

GC0104:EU Connection Codes GB Implementation Demand Connection Code

GC0104:EU Connection Codes GB Implementation Demand Connection Code GC0104:EU Connection Codes GB Implementation Demand Connection Code Place your chosen image here. The four corners must just cover the arrow tips. For covers, the three pictures should be the same size

More information

Request for Expressions of Interest: The EU mhealth Hub

Request for Expressions of Interest: The EU mhealth Hub Request for Expressions of Interest: The EU mhealth Hub A project within the framework of the WHO-ITU joint initiative Be He@lthy, Be Mobile The project is supported by the European Commission Horizon2020

More information

Regulating Telemedicine: the

Regulating Telemedicine: the Regulating Telemedicine: the EU perspective ETSI ehealth workshop On telemedicine 6-7 May 2014 Céline Deswarte, Policy officer Unit Health and Well-Being European Commission i Table of Contents t 1) Legal

More information

Preparing for the GDPR

Preparing for the GDPR Preparing for the GDPR 1 February 2018 EXPECT EXCELLENCE DUBLIN BELFAST LONDON NEW YORK SILICON VALLEY arthurcox.com The EU General Data Protection Regulation (known as the GDPR ) will replace the current

More information

GUIDELINES FOR THE USE OF THE e-commerce WORKFLOW IN IMI

GUIDELINES FOR THE USE OF THE e-commerce WORKFLOW IN IMI GUIDELINES FOR THE USE OF THE e-commerce WORKFLOW IN IMI 2 Contents I. BACKGROUND... 3 II. e-commerce WORKFLOW... 3 1) CREATION of a request... 6 2) REPLY to a request... 10 3) CLOSURE of a request...

More information

PROJECT BACKGROUND AND RATIONALE

PROJECT BACKGROUND AND RATIONALE PROJECT BACKGROUND AND RATIONALE The political agreement on the EU General Data Protection Regulation (GDPR) has been reached and the new Regulation will be on the books by the end of the first quarter

More information

The Rough Notes Company, Inc. Privacy Policy. Effective Date: June 11, 2018

The Rough Notes Company, Inc. Privacy Policy. Effective Date: June 11, 2018 The Rough Notes Company, Inc. Privacy Policy Effective Date: June 11, 2018 The Rough Notes Company ( Rough Notes, we, us, our ) respects your privacy, and takes the responsibility of protecting the personal

More information

Data Management and Security in the GDPR Era

Data Management and Security in the GDPR Era Data Management and Security in the GDPR Era Franck Hourdin; Vice President, EMEA Security Russ Lowenthal; Director, Database Security Product Management Mike Turner; Chief Operating Officer, Capgemini

More information

A comprehensive approach on personal data protection in the European Union

A comprehensive approach on personal data protection in the European Union A comprehensive approach on personal data protection in the Justice Date 1 Main legal instruments on EU level Data Protection Directive 95/46/EC Directive 2002/58/EC on privacy and electronic communications

More information

EU Data Protection Agreement

EU Data Protection Agreement EU Data Protection Agreement This Data Protection Agreement ("Agreement") is entered into by and between TechTarget, Inc., a Delaware corporation with a principle place of business at 275 Grove Street,

More information

The GDPR and NIS Directive: Risk-based security measures and incident notification requirements

The GDPR and NIS Directive: Risk-based security measures and incident notification requirements The GDPR and NIS Directive: Risk-based security measures and incident notification requirements Adrian Ross LLB (Hons), MBA GRC Consultant IT Governance Ltd 4 May 2017 Introduction Adrian Ross GRC consultant

More information

Information Security Incident Reporting Policy

Information Security Incident Reporting Policy Information Security Incident Reporting Policy Date Published June 2016 Version 3 Last Approved Date 23 rd May 2018 Review Cycle 1 Year Review Date May 2019 Learning together; to be the best we can be

More information

Cybersecurity Considerations for GDPR

Cybersecurity Considerations for GDPR Cybersecurity Considerations for GDPR What is the GDPR? The General Data Protection Regulation (GDPR) is a brand new legislation containing updated requirements for how personal data of European Union

More information

VERSION 1.3 MAY 1, 2018 SNOWFLY PRIVACY POLICY SNOWFLY PERFORMANCE INC. P.O. BOX 95254, SOUTH JORDAN, UT

VERSION 1.3 MAY 1, 2018 SNOWFLY PRIVACY POLICY SNOWFLY PERFORMANCE INC. P.O. BOX 95254, SOUTH JORDAN, UT VERSION 1.3 MAY 1, 2018 SNOWFLY PRIVACY POLICY SNOWFLY PERFORMANCE INC. P.O. BOX 95254, SOUTH JORDAN, UT 84095-9998 SNOWFLY PRIVACY POLICY This Privacy Policy describes Snowfly s practices regarding the

More information

European Commission Initiatives in telemedicine Presentation endorsed by the European Commission

European Commission Initiatives in telemedicine Presentation endorsed by the European Commission European Commission Initiatives in telemedicine Presentation endorsed by the European Commission Nicole Denjoy COCIR Secretary General How does the EU contribute to the large-scale deployment of telemedicine?

More information

Privacy Policy. MIPS Website Privacy Policy. Document Information. Contact Details. Version 1.0 Version date March 2018.

Privacy Policy. MIPS Website Privacy Policy. Document Information. Contact Details. Version 1.0 Version date March 2018. Privacy Policy MIPS Website Privacy Policy Version 1.0 Version date March 2018 Document Information Prepared for Users of MIPS websites Prepared by MIPS NV Date 27/02/2018 Contact Details Joffrey WILLEM

More information

SOLUTION BRIEF HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE

SOLUTION BRIEF HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE PREPARATION FOR GDPR IS ESSENTIAL The EU GDPR imposes interrelated obligations for organizations handling

More information

STANDARDS TO HELP COMPLY WITH EU LEGISLATION. EUROPE HAS WHAT IT TAKES INCLUDING THE WILL?

STANDARDS TO HELP COMPLY WITH EU LEGISLATION. EUROPE HAS WHAT IT TAKES INCLUDING THE WILL? ETSI SUMMIT Releasing the Flow Data Protection and Privacy in a Data-Driven Economy 19 April 2018 STANDARDS TO HELP COMPLY WITH EU LEGISLATION. EUROPE HAS WHAT IT TAKES INCLUDING THE WILL? Presented by

More information

Discussion on MS contribution to the WP2018

Discussion on MS contribution to the WP2018 Discussion on MS contribution to the WP2018, 30 January 2018 European Union Agency for Network and Information Security Possibilities for MS contribution to the WP2018 Expert Groups ENISA coordinates several

More information

Element Finance Solutions Ltd Data Protection Policy

Element Finance Solutions Ltd Data Protection Policy Element Finance Solutions Ltd Data Protection Policy CONTENTS Section Title 1 Introduction 2 Why this Policy Exists 3 Data Protection Law 4 Responsibilities 5 6 7 8 9 10 Data Protection Impact Assessments

More information

Data Processing Clauses

Data Processing Clauses Data Processing Clauses The examples of processing clauses below are proposed pending the adoption of standard contractual clauses within the meaning of Article 28.8 of general data protection regulation.

More information

ATHLETICS WORLD CUP PRIVACY NOTICE

ATHLETICS WORLD CUP PRIVACY NOTICE ATHLETICS WORLD CUP PRIVACY NOTICE This Privacy Notice explains how Athletics World Cup ("AWC") collects, uses and shares the personal information that you provide to us either when using this website

More information

Introduction. Prepared by: ICANN Org Published on: 12 January 2018

Introduction. Prepared by: ICANN Org Published on: 12 January 2018 Proposed Interim Models for Compliance with ICANN Agreements and Policies in Relation to the European Union s General Data Protection Regulation For Discussion Prepared by: ICANN Org Published on: 12 January

More information

Emsi Privacy Shield Policy

Emsi Privacy Shield Policy Emsi Privacy Shield Policy Scope The Emsi Privacy Shield Policy ( Policy ) applies to the collection and processing of Personal Data that Emsi obtains from Data Subjects located in the European Union (

More information

Getting ready for GDPR. Philipp Hobler EMEA Field CTO Global Technology Office Dell EMC Data Protection Solutions

Getting ready for GDPR. Philipp Hobler EMEA Field CTO Global Technology Office Dell EMC Data Protection Solutions Getting ready for GDPR Philipp Hobler EMEA Field CTO Global Technology Office Dell EMC Data Protection Solutions GDPR Background Single EU-wide Regulation Harmonizes Global User Data Protection across

More information

Privacy Policy... 1 EU-U.S. Privacy Shield Policy... 2

Privacy Policy... 1 EU-U.S. Privacy Shield Policy... 2 Privacy Policy... 1 EU-U.S. Privacy Shield Policy... 2 Privacy Policy knows that your privacy is important to you. Below is our privacy policy for collecting, using, securing, protecting and sharing your

More information

DATA PROTECTION LAWS OF THE WORLD. Bahrain

DATA PROTECTION LAWS OF THE WORLD. Bahrain DATA PROTECTION LAWS OF THE WORLD Bahrain Downloaded: 7 April 2018 BAHRAIN Last modified 25 January 2017 LAW There is currently no standalone data protection law in Bahrain. A draft is being reviewed before

More information

Project Better Energy Limited s registered office is Witan Gate House, Witan Gate West, Milton Keynes, Buckinghamshire, MK9 1SH

Project Better Energy Limited s registered office is Witan Gate House, Witan Gate West, Milton Keynes, Buckinghamshire, MK9 1SH PRIVACY NOTICE Curv360 is a part of the Project Better Energy Limited group of companies and is a controller of any personal data you provide. We respect your data and your privacy is important to us.

More information

Birgit Morlion. DG Communications Networks, Content and Technology (DG CONNECT)

Birgit Morlion. DG Communications Networks, Content and Technology (DG CONNECT) Digital transformation of health and care in the Digital Single Market Harnessing the potential of data to empower citizens and build a healthier society DG Communications Networks, Content and Technology

More information

GDPR is coming in less than 2 months Are you ready?

GDPR is coming in less than 2 months Are you ready? GDPR is coming in less than 2 months Are you ready? Charles-Albert Helleputte Partner, Brussels +32 2 551 5982 chelleputte@mayerbrown.com 30 March 2018 2 GDPR is everywhere... You were invited by UNICEO

More information